Triage | Malware sandboxing report by Hatching Triage

Resubmissions

03-02-2023 00:05

230203-adj9nacd31 7

02-02-2023 23:58

230202-31dplscc8v 7

Sharing

General

Target

Waking_Up_2.11.0_510_40e1c7.apk
Size

47MB
Sample

230203-adj9nacd31
MD5

ebec055d67300fc0556194e9a23ce0f7
SHA1

e39d33784054b682c4b70cfff3e61b17157b47ba
SHA256

40e1c700c3043aec8d7f42c9f822256abc35591c83bad0310b8345f86ea48102
SHA512

e876e42b9701634f1103c11cbdc8c93a17fa34e67b7dfe83b9f5f2b2b4c8ca2acc6753170c4b51a6c7304bc29f741fcf4aaf00563ee7453acb1b4f96c9b806ef
SSDEEP

786432:L6nM/SxTQLYiPbStIau15om+Sa3a/2Oh2JHzUj1r5JujZmGOkHWoNY7hnRHW/i:CtJDiOSTqmJ//LX1r5GOkHYnRYi

Score

7^/10

android ransomware

Malware Config

Targets

- Target
  
  Waking_Up_2.11.0_510_40e1c7.apk
- Size
  
  47MB
- MD5
  
  ebec055d67300fc0556194e9a23ce0f7
- SHA1
  
  e39d33784054b682c4b70cfff3e61b17157b47ba
- SHA256
  
  40e1c700c3043aec8d7f42c9f822256abc35591c83bad0310b8345f86ea48102
- SHA512
  
  e876e42b9701634f1103c11cbdc8c93a17fa34e67b7dfe83b9f5f2b2b4c8ca2acc6753170c4b51a6c7304bc29f741fcf4aaf00563ee7453acb1b4f96c9b806ef
- SSDEEP
  
  786432:L6nM/SxTQLYiPbStIau15om+Sa3a/2Oh2JHzUj1r5JujZmGOkHWoNY7hnRHW/i:CtJDiOSTqmJ//LX1r5GOkHYnRYi
Score

7^/10

ransomware
- Checks Android system properties for emulator presence.
- Loads dropped Dex/Jar
  Runs executable file dropped to the device during analysis.
- Reads information about phone network operator.
- Uses Crypto APIs (Might try to encrypt user data).
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

behavioral2